It’s unreasonable to get mad at someone for spoiling a movie that came out more than two years ago, and a National Security Agency official thinks the same logic should apply to cybersecurity exploits.
Rob Joyce, the NSA’s top cyber policy adviser, on Thursday rebuffed blame after one of the agency’s cyber weapons was used to hold Baltimore’s computer networks for ransom, arguing the attack would’ve been avoided if the city was more proactive with its digital hygiene.
“NSA shares the concerns of all the law-abiding citizens around the world about the threat posed by that criminal, malicious cyber activity, but the characterization that there’s an indefensible nation-state tool propagating ransomware is simply untrue,” Joyce said at a cybersecurity conference hosted by CrowdStrike.
On May 7, hackers reportedly used an NSA tool called EternalBlue to freeze thousands of the Baltimore government’s computers. The attack shut down email and disrupted numerous government services, and it could ultimately cost the city more than $18 million to recover.
EternalBlue, which was stolen during a 2017 breach at NSA, exploited a previously disclosed bug in a Microsoft software package. The company issued a patch for the vulnerability more than two years ago, but because Baltimore never updated its software, the city remained susceptible to the attack.
After the breach that let EternalBlue loose on the public, Joyce said the agency took significant s ..
Support the originator by clicking the read the rest link below.
